Archive

And from whence the light of the heavens did shimmer upon them from the clouds above, yea the Server Huggers did at first protest.

Yet, as the virtual supplanted the corporeal — these shells of the buzzing contrivance — they did wilt wearily as the compression of the rings unyieldingly did set upon them.

And strangely, once shod of their vestigial confines, they learned once again to rejoice and verily did they, of their own accord, assume the mantle of the make-believe server clan, and march forward lofting their standards high to readily bear their mark of the VM.

But as the once earth-bound, now ethereal, ascended their offers to the heavens and their clouds, the vessels of their capital dissolved their curtailment once more.

The VMs became vapor, their service, the yield. This tribe, once coupled to the shrines of their wanton packaging, became unencumbered once more.

Yet when these offers were set free upon the land, their services — compliant, supple and malleable — were embraced as a newfound purse, and the Clan of the App guarded them jealously once again, hoarding their prize from the undeserving.

Their reign, alas, did not last; their bastions eroded as the platforms that once gained them allegiance crumbled with the surfeit of consumption — their dispersion widespread and resources taxed.

Thus became the rule of the Data Clan whose merit lay in wait as the pretenders of the Cloud were forced to kneel in subservience.

For their data was big and they clutched it to their bosom as they once did their apps, VMs and carnal heat pumps…

It’s interesting to see how in such a short time we’ve seen the following progression:

As Big Data and the databases/datastores it lives in interact with then proliferation of PaaS and SaaS offers, we have an opportunity to explore better ways of dealing with these problems — this is the benefit of mass centralization of information.

Of course there is an equal and opposite reaction to the “data gravity” property: mobility…and the replication (in chunks) and re-use of the same information across multiple devices.

This is when Big Data becomes Small Data and the ability to protect it gets even harder.

With the enormous amounts of data available, mining it — regardless of its source — and turning it into actionable information (nee intelligence) is really a strategic necessity, especially in the world of “security.”

Traditionally we’ve had to use tools such as security event information management (SEIM) tools or specialized visualization* suites to make sense of what ends up being telemetry which is often disconnected from the transaction and value of the asset from which they emanate.

Even when we do start to be able to integrate and correlate event, configuration, vulnerability or logging data, it’s very IT-centric. It’s very INFRASTRUCTURE-centric. It doesn’t really include much value about the actual information in use/transit or the implication of how it’s being consumed or related to.

This is where using Big Data and collective pools of sourced “puddles” as part of a larger data “lake” and then mining it using toolsets such as Hadoop come into play.

We’re starting to see the commercialization of Hadoop outside of vertical use cases for financial services and healthcare and more broadly adopted for analytics across entire lines of business, industry and verticals. Combine the availability of cheap storage with ever more powerful and cost-effective compute and network and you’ve got a goldmine ready to tap.

One such solution you’ll hear more about is Zettaset who commercialize and productize Hadoop to enable the construction of enormously powerful data security warehouses and analytics.

Zettaset is a key component of a solution offering that is doing what I describe above for a CISO of a large company who integrates enormous amounts of disparate and seemingly unrelated data to make managed risk decisions that is fed to humans and automated processes alike.

These data are sourced from all across the business — including IT — and allows the teams and constituent interested parties from across the company to slice and dice data from petabytes of information which previously would have been silted. Powerful.

Look for more announcements about this solution around the Blackhat timeframe. It’s cool stuff.

This is one example where Big Data and “security” are paired in the positive.

/Hoff

* Ken Oestreich (@Fountnhead) tweeted an interesting and pertinent comment regarding my points related to SEIM and visualization tools that summarized the general idea I was getting at in referencing these existing toolsets:

…which of course was underscored by the clearly-bored Christian Reilly who has Citrix’s Cloud strategy already wrapped up tighter than piñata at a Mexican Wedding: